<?php
require_once('lzu_op_fns.php');
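do_html_header('重置密码');
require_once('db_fns.php');

// Password-reset page. Three request shapes are handled:
//   1. POST with "submit"  - verify student number + birthday, then either
//      reset the password or ask for an email address if none is stored.
//   2. POST with "submit2" - store the email address entered in step 1's
//      follow-up form, then reset the password.
//   3. anything else       - render the initial form.
//
// NOTE(review): the birthday is the only proof of identity here, and it is a
// weak knowledge factor. No attempt limiting or CSRF token is visible in this
// file; confirm whether lzu_op_fns.php or the web server provides them.

// Read a POST field as a trimmed string. Array-valued input (sno[]=x) is
// treated as missing instead of reaching the queries below.
$post_field = function ($name) {
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : '';
};

// Fetch the stored birthday and email for a student number with a bound
// parameter, so request data is never concatenated into SQL text.
// Returns null when no such user exists or the statement cannot be prepared.
$find_user = function ($conn, $sno) {
    $stmt = $conn->prepare('select birthday, email from user where sno = ?');
    if (!$stmt) {
        return null;
    }
    $stmt->bind_param('s', $sno);
    $stmt->execute();
    $stmt->bind_result($birthday_db, $email_db);
    $found = $stmt->fetch();
    $stmt->close();
    return $found ? ['birthday' => $birthday_db, 'email' => $email_db] : null;
};

// Return the user row only when the supplied birthday matches the stored one.
// An unknown student number and a wrong birthday are indistinguishable to the
// caller, so the response does not reveal which student numbers exist.
$verify_identity = function ($conn, $sno, $birthday) use ($find_user) {
    $user = $find_user($conn, $sno);
    if ($user === null || !hash_equals((string) $user['birthday'], $birthday)) {
        return null;
    }
    return $user;
};

if (isset($_POST['submit'])) { // step 1: reset request
    $sno = $post_field('sno');
    $birthday = $post_field('birthday');
    // Both fields are required.
    if ($sno === '' || $birthday === '') {
        echo "<script>alert('请填写完整的学号和生日！');location.href='forgot_form.php';</script>";
        exit;
    }
    $conn = db_connect();
    // Previously an unknown student number skipped the birthday check and
    // fell through to the email form; it is now rejected like a mismatch.
    $user = $verify_identity($conn, $sno, $birthday);
    if ($user === null) {
        echo "<script>alert('生日错误！重置密码失败！');location.href='forgot_form.php';</script>";
        exit;
    }
    if ($user['email'] === null || $user['email'] === '') {
        // No email on file: ask for one. The birthday travels with the form so
        // that step 2 can repeat the identity check instead of trusting a bare
        // student number. Both values are HTML-escaped before being echoed.
        $sno_attr = htmlspecialchars($sno, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $birthday_attr = htmlspecialchars($birthday, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "未设置邮箱";
        echo "<form action='forgot_form.php' method='post'>";
        echo "<p>请输入邮箱：<input type='text' name='email'></p>";
        echo "<p>请确认邮箱：<input type='text' name='email2'></p>";
        echo "<p><input type='hidden' name='sno' value='" . $sno_attr . "'></p>";
        echo "<p><input type='hidden' name='birthday' value='" . $birthday_attr . "'></p>";
        echo "<p><input type='submit' name='submit2' value='提交'></p>";
        echo "</form>";
        exit;
    } else {
        update_password($user['email'], $sno);
    }
} else if (isset($_POST['submit2'])) { // step 2: email submitted
    $sno = $post_field('sno');
    $birthday = $post_field('birthday');
    $email = $post_field('email');
    $email2 = $post_field('email2');
    if ($email !== $email2) {
        echo "<script>alert('邮箱不一致！');location.href='forgot_form.php';</script>";
        exit;
    }
    // Format check only; it does not make the value safe for a shell or for
    // HTML output, so every sink still has to escape it.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo "<script>alert('邮箱修改失败！');location.href='forgot_form.php';</script>";
        exit;
    }
    $conn = db_connect();
    // Repeat the identity check: without it this branch let any client set the
    // email address, and therefore receive the new password, of any account.
    $user = $verify_identity($conn, $sno, $birthday);
    if ($user === null) {
        echo "<script>alert('生日错误！重置密码失败！');location.href='forgot_form.php';</script>";
        exit;
    }
    if ($user['email'] !== null && $user['email'] !== '') {
        // An address is already on file; never overwrite it from this form.
        update_password($user['email'], $sno);
    } else {
        $stmt = $conn->prepare("update user set email = ? where sno = ? and (email is null or email = '')");
        $saved = $stmt && $stmt->bind_param('ss', $email, $sno) && $stmt->execute();
        if ($saved) {
            update_password($email, $sno);
        } else {
            echo "<script>alert('邮箱修改失败！');location.href='forgot_form.php';</script>";
        }
    }
} else { // initial form
?>
    <form action="" method="post">
        <table bgcolor="#FFFF99">
            <tr>
                <td>请输入校园卡号：</td>
                <td><input type="text" name="sno" maxlength="16" /></td>
            </tr>
            <tr>
                <td>请输入出生日期：</td>
                <td><input type="date" name="birthday" value=""></td>
            </tr>
            <tr>
                <td colspan="2" align="center">
                    <input type="submit" name="submit" value="重置密码">
                </td>
            </tr>
        </table>
    </form>
    <a href="login.php">返回登录界面</a>
<?php
}
do_html_footer();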
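/**
 * Generate a random alphanumeric password (8 characters by default).
 *
 * Characters are drawn independently from [0-9a-zA-Z] using random_int(),
 * which is backed by the operating system's CSPRNG (PHP 7.0+). The earlier
 * mt_rand() source is predictable and unsuitable for credentials. The earlier
 * "no repeated character" rule is also gone: it reduced the number of possible
 * passwords and made the loop spin forever for lengths above 62.
 *
 * @param int $length Number of characters to generate; values <= 0 yield ''.
 * @return string The generated password.
 */
function generate_password($length = 8)
{
    $possible = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $max_index = strlen($possible) - 1;
    $password = '';
    for ($i = 0; $i < $length; $i++) {
        $password .= $possible[random_int(0, $max_index)];
    }
    return $password;
}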
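/**
 * Generate a new password, mail it to the user and store its hash.
 *
 * The success alert is shown only after both the mail helper and the database
 * update have succeeded; previously it was shown unconditionally.
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest. That format
 * is kept here because the login code that verifies it is not visible in this
 * file; it should move to password_hash()/password_verify() together with
 * that code.
 * NOTE(review): the plaintext password is passed to send_email.py as a
 * command-line argument, where other local users may be able to read it from
 * the process list. Passing it on stdin would need a change to that script.
 *
 * @param string $email Destination address for the reset mail.
 * @param string $sno   Student number whose password is replaced.
 * @return void
 */
function update_password($email, $sno)
{
    $failed = "<script>alert('重置密码失败！');location.href='forgot_form.php';</script>";

    // Refuse anything that is not a syntactically valid address before it
    // gets near the command line.
    if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo $failed;
        return;
    }

    $psw = generate_password();

    // Each argument is quoted with escapeshellarg() so that shell
    // metacharacters in the address cannot start a second command.
    $command = "python .\send_email.py " . escapeshellarg($email) . " " . escapeshellarg($psw);
    exec($command, $output, $status);
    if ($status !== 0) {
        // Mail was not sent: leave the stored password untouched.
        error_log('send_email.py exited with status ' . $status);
        echo $failed;
        return;
    }

    // Store the new password with bound parameters instead of string-built SQL.
    require_once('db_fns.php');
    $conn = db_connect();
    $stmt = $conn->prepare('update user set psw = md5(?) where sno = ?');
    if (!$stmt || !$stmt->bind_param('ss', $psw, $sno) || !$stmt->execute()) {
        echo $failed;
        return;
    }
    $stmt->close();

    echo "<script>alert('重置密码邮件已发送！');location.href='login.php';</script>";
}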
